-
Bug
-
Resolution: Done
-
Major
-
7.1.0.ER2
-
Documentation (Ref Guide, User Guide, etc.)
-
-
-
-
-
-
Reverse proxy in Undertow does not work with OpenSSL provider configured. Follow Steps to Reproduce section to configure and check error. On proxy there is following exception logged:
18:27:26,640 FINE [org.wildfly.openssl.OpenSSLEngine] (default I/O-12) The version of SSL in use does not support cipher ordering 18:27:26,642 DEBUG [io.undertow.request] (default I/O-12) Matched prefix path /proxy for path /proxy 18:27:26,643 FINE [org.wildfly.openssl.OpenSSLEngine] (default I/O-12) The version of SSL in use does not support cipher ordering 18:27:26,644 DEBUG [io.undertow.request] (default I/O-12) Failed to connect: java.io.IOException: java.lang.UnsupportedOperationException at io.undertow.protocols.ssl.UndertowXnioSsl$StreamConnectionChannelListener.handleEvent(UndertowXnioSsl.java:328) at io.undertow.protocols.ssl.UndertowXnioSsl$StreamConnectionChannelListener.handleEvent(UndertowXnioSsl.java:306) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.nio.WorkerThread$ConnectHandle.handleReady(WorkerThread.java:330) at org.xnio.nio.WorkerThread.run(WorkerThread.java:571) Caused by: java.lang.UnsupportedOperationException at org.wildfly.openssl.OpenSSLEngine.setUseClientMode(OpenSSLEngine.java:1062) at org.xnio.ssl.JsseSslUtils.createSSLEngine(JsseSslUtils.java:148) at io.undertow.protocols.ssl.UndertowXnioSsl$StreamConnectionChannelListener.handleEvent(UndertowXnioSsl.java:321) ... 4 more
Worker does not log anything important. When standard jsse provider is configured on proxy
/subsystem=elytron/server-ssl-context=twoWaySSC:undefine-attribute(name=providers)
proxying starts to work and one can see EAPs welcome page.
- is related to
-
JBEAP-11599 OpenSSL client ignores certificate validation result
- Closed